scoutt

Honorary Members
  • Posts

    127
Everything posted by scoutt

  1. yeah machine in question is on 1.0.45000, I'll see about trying to get it updated. Thank you sir.
  2. That's weird because it just happened again last night. Can you tell me what version has the fix? I'll check the machine and see if it is up to date. It appears to be currently
  3. I have two DLLs that keep showing up as Malware.AI.1042087896. They appear to be for color scanner software. PIXN1320.zip PIXN1120.zip
  4. Here is a DLL that keeps getting caught today by Malware.AI. AfCore.dll AfCore.zip
  5. Thanks Shadowwar WSU.zip
  6. Logs are way too big to send in the forum.
  7. Hi Porthos, we are on Nebula, we don't have a scanning window. These are scheduled hyper scans.
  8. Which log file sUBs, there are a few of them lol
  9. We are getting hammered with the following:

     Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3}
     Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E71CA55D-3A3F-4662-BA87-0B21C5ED5DE3}
     Malware.AI.3704461979 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\AppWin\User_Setting_WSUL
     Malware.AI.3704461979 File Malware Quarantined C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\AppWin\User_Setting_WSUL
     Malware.AI.3704461979 File Malware Quarantined C:\WINDOWS\SYSTEM32\WSU.EXE

     Please allow, these are legit. Malware.AI is not very smart as these have not changed in years
  10. Thanks guys, just waiting to hear back from my service team. It didn't detect on my sample so it might be good.
  11. Can I have this white listed so Malware.AI.4279627738 doesn't hit it anymore? Also for the Business side of things. Thanks in advance. Valerus Player.zip
  12. cool thanks for checking.
  13. Does that cover all that I posted or just the small sample?
  14. We just got hammered on this week's full scan. A list of what appears to be legit Microsoft Scheduled tasks, here is a small sample. All tasks that got hit are in the text file. Some appear to be part of the customer experience program, but can't be positive, and some about cleanup on the PC itself.

     RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{86158314-60CF-4F3F-85B5-2399327EA496}
     RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{86158314-60CF-4F3F-85B5-2399327EA496}
     RiskWare.Injector.Generic Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
     RiskWare.Injector.Generic File Malware Quarantined C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange

     scheduled tasks.txt
  15. Thank you, haven't seen any more since yesterday
  16. Now it seems that AI is detecting false positives on own software? One would think that you guys would have all your stuff whitelisted already.

     Malware.AI.3379829119 File Malware Quarantined C:\PROGRAMDATA\MALWAREBYTES DISCOVERY AND DEPLOYMENT\REMOTEPUSH\MBREMOTEEXEC.EXE
     Malware.AI.3379829119 File Malware Quarantined C:\WINDOWS\MBREMOTEEXEC-4544-{SERIAL}.EXE
  17. lol, I'm not going to do that on 300+ machines. We are on Business Malwarebytes
  18. Hey Shadowwar, it's been an hour and we are still getting these as detections
  19. I have a couple more false positives. These are home grown. Please white list ASAP. What about reg keys, do I white list them or you guys? SFCRun.zip USBDriveMsg.zip
  20. Why has this not been added to the whitelist yet?